Berkley

SVP, Head of Security Technology

Location Name DE, Wilmington
ID
2026-14177
Date Posted
4 hours ago(7/7/2026 11:46 AM)
Company
Berkley Technology Services LLC
Primary Location
US-DE-Wilmington
Loc2
TX, Irving - 222 Las Colinas Boulevard W
Category
Information Technology

Company Details

Berkley Technology Services LLC_logo

"Thoughtful Minds | Empowering Possibilities"

W. R. Berkley Corporation is comprised of 60+ businesses alongside Berkley Technology Services (BTS) and other shared services groups.

Here at Berkley Technology Services, the core of our success is our people. Our teams bring their own unique perspective and experiences which enables us to translate the needs of our business to deliver adaptable, secure solutions while providing an unmatched user-focused experience.

Our tagline "Thoughtful Minds | Empowering Possibilities" was crafted with our own teams in mind. At BTS, our teams thrive in Berkley's decentralized model - leveraging the power of being part of a long standing, heritage brand with extensive expertise while innovation and being entrepreneurial is encouraged.

Internally, we operate as a relatively flat organization valuing communication and feedback. We pride ourselves in an open-door policy where no one is treated differently based on title, fostering a culture of trust, transparency, and engagement.

Mission (what we stand for): We believe in the value of every voice, translate needs into capabilities, and secure the future of Berkley.

Vision (where we're going): Be the foundation of Berkley through adaptable solutions, resilient environments, and an unmatched experience.

Come join us as we push forward into the future of industry leading technological solutions.

 

The Company is an equal employment opportunity employer.

Responsibilities

The SVP, Head of Security Technology, leads the modernization and delivery of the enterprise's core cybersecurity technology capabilities through an AI-enabled, automation-first, engineering-led model. This role reports to the CISO.

This role is accountable for evolving and integrating:

  • Security Architecture

  • Security Engineering

  • Identity and Access Management (IAM)

  • Continuous Threat and Exposure Management (CTEM)

The position transforms legacy, siloed security functions (e.g., vulnerability management, attack surface management, application security) into a scalable, intelligence-driven security ecosystem that:

  • Reduces enterprise risk through engineering and automation

  • Embeds security into enterprise architecture and technology platforms

  • Strengthens identity lifecycle governance and compliance

  • Enables continuous, risk-based exposure management

  • Improves efficiency, control effectiveness, and compliance readiness

  • Drives alignment between cybersecurity capabilities and business risk priorities, ensuring security investments directly support enterprise resilience, customer trust, and growth objectives

Responsibilities

Report to the CISO and lead the strategic execution across a team of security directors, managers, architects, engineers and analysts across multiple security technology disciplines.

Security Architecture

  • Define enterprise security architecture strategy, standards, and roadmaps

  • Embed secure-by-design principles across cloud, applications, data, and AI

  • Establish reusable design patterns and reduce exception-based approvals

  • Integrate security into transformation and modernization efforts

  • Lead Zero Trust security architecture strategy and adoption across identity, network, application, and data layers

  • Establish reference architectures for multi-cloud and hybrid environments, including CNAPP, CIEM, and data protection controls

Security Engineering

  • Lead engineering and lifecycle management of security platforms and controls

  • Establish automation-first operations (API, orchestration, policy-as-code)

  • Standardize tooling and reduce manual processes through automation

  • Improve platform resilience, telemetry, and service performance

  • Transition to a product and platform-based security engineering model with defined service ownership, SLAs, and performance metrics

  • Drive rationalization of security tools and vendors to reduce cost and complexity while improving capability coverage

Identity and Access Management (IAM) - User Administrative Lifecycle Scope

  • Lead and own overarching IAM strategy and lifecycle governance, including:

    • Provisioning (joiners), Access changes (movers), De-provisioning (leavers)

    • Enhance user access reviews and certifications

    • Implement, enhance and automate segregation of duties (SoD) monitoring and governance

    • Design and implement role and entitlement management capabilities

    • Enable access-related compliance and audit readiness in preparation for continuous control monitoring and assessment in alignment with Governance Risk and Control Function

  • Ensure least privilege, timely access removal, and reduction of orphaned accounts

  • Integrate IAM with HR, applications, and enterprise platforms

  • Enhance privileged access management and management of non-human identities in preparation for advanced agentic AI capabilities

  • Advance privileged access, machine identity, and non-human identity security in support of automation, cloud, and AI use cases

  • Implement identity-centric Zero Trust controls and continuous authentication models

Continuous Threat and Exposure Management (CTEM)

  • Transform vulnerability, attack surface, and application security into a unified CTEM function

  • Implement continuous, threat-informed prioritization of exposures

  • Align findings to asset criticality and business risk

  • Improve remediation effectiveness and reduce exploitable attack paths

  • Enhance asset visibility, ownership clarity, and dependency mapping

  • Partner with Security Operations and Security Incident and Response functions to coordinate a unified approach across teams

  • Establish attack path analysis and exploitability-based risk prioritization to reduce material exposure

  • Define measurable outcomes such as reduction in attack surface, time-to-remediation, and control effectiveness

AI and Automation Enablement

  • Deploy AI and analytics to improve prioritization and decision-making

  • Automate repetitive security processes and control validation

  • Enhance reporting, telemetry, and audit evidence generation

  • Partner with Head of Security AI to establish secure AI lifecycle practices, including model governance, data protection, prompt security, and third-party AI risk management

  • Partner with Head of Security Operations to leverage AI to enhance threat detection, anomaly identification, and predictive risk analytics

DevSecOps and Secure Development

  • Embed security into the software development lifecycle (SDLC), CI/CD pipelines, and developer workflows

  • Partner with engineering teams to implement scalable DevSecOps practices and developer-friendly security tooling

Operating Model, Leadership and Other Requirements

  • Establish a global operating model with clear accountability, service ownership, and capability maturity roadmaps

  • Develop business cases tied to measurable risk reduction, operational efficiency, and cost optimization

  • Partner with executive leadership and provide board-level reporting on security posture, risk trends, and investment impact

  • Technology first leader with very strong interpersonal skills with demonstrated ability to build and maintain strong relationships and partnerships vertically and horizontally across a mix of business, technology, legal, HR, risk and audit leaders and practitioners

  • Establish a product- and platform-based security technology operating model

  • Define core requirements that evidence demonstrable risk reduction and can be measured using KPIs/KRIs in conjunction with the metrics and analytics program

  • Drive roadmap, investment prioritization, and tool rationalization

  • Drive budgetary discipline through management of finances, including the build of defendable business cases

  • Lead and develop high-performing, multi-disciplinary teams in a positive and respectful capacity leading to high engagement across all disciplines

  • Organically improve the security posture of the organization by ensuring the incorporation of secure principles into every phase of the design, development, deployment, and operation of systems and solutions

  • Assess current environment and design a target state architecture with all accompanying diagrams and documentation as required by architecture teams

  • Provide top-level support as needed on security and operational related issues

  • Represent information security interests on various project teams and special assignments as directed

  • Active in a continuous improvement of the existing process, methodologies, technologies and practices

  • Provide top-level on-call support as required for this type of role, which is factored into the compensation for this role

Resilience and Risk Integration

  • Partner with Security Operations and Incident Response to improve cyber resilience, recovery readiness, and crisis response integration

  • Ensure alignment with enterprise risk management and regulatory expectations through continuous control monitoring

Qualifications

  • 15+ years’ experience in a cybersecurity role with at least 5 as head of senior most security architect 
  • Previous and progressive experience in a technical security leadership position. 
  • Demonstrated experience modernizing security organizations (tool consolidation, automation, operating model redesign) 
  • Strong expertise in cloud-native security, Zero Trust, IAM, and CTEM practices 
  • Experience integrating cybersecurity with AI/ML technologies and governance frameworks 
  • Strong strategic thinking and decision-making capabilities 
  • Experience managing budgets, vendors, and large-scale programs 
  • Track record of delivering measurable improvements in risk reduction, efficiency, and security posture 
  • Disciplined thinker with structured approach to security architecture and strategic planning 
  • Inherent intellectual capability and curiosity to learn complex processes.  
  • Proven thought leadership, strategic thinking and decision-making. 
  • Must have strong analytical and problem-solving skills with the capability to identify solutions to unusual and complex problems. 
  • CISSP certification is strongly preferred 
  • Direct security related AI, networking, infrastructure, cloud, operating system, development, cloud, database experience is required  
  • Must be able to demonstrate proficiency in a wide range of security technologies, embedded security, and network platforms – in a global institution 
  • Ability to balance multiple priorities in high pressure situations 
  • Project, portfolio and resource management experience is required  
  • Must be willing to travel (Domestic and International) as required, but not to exceed 30-40% 

 

Education Requirement:

 

Bachelors Degree in Computer Science, Information Technology, Information Systems, or a related discipline. Equivalent experience and/or alternative qualifications will be considered. 

Additional Company Details

We do not accept unsolicited resumes from third party recruiting agencies or firms.

Additional Requirements

Location and Travel:
• Primary location Wilmington, DE.
• Travel: Domestic and international travel up to 30–40% as required.

Sponsorship Details

Sponsorship not Offered for this Role

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.